29 matches found
EUVD-2020-7248
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-15180
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a...
BIT-MARIADB-MIN-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
RHEL 6 : mariadb-galera (RHSA-2014:1937)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1937 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master clust...
BIT-MYSQL-CLIENT-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
BIT-MARIADB-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
[SECURITY] Fedora 35 Update: galera-26.4.13-1.fc35
Galera is a fast synchronous multimaster wsrep provider replication engine for transactional databases and similar applications. For more information about wsrep API see https://github.com/codership/wsrep-API repository. For a description of Galera replication engine see...
MGASA-2022-0070 Updated mariadb packages fix security vulnerability
InnoDB - --skip-symbolic-links does not disallow .isl file creation MDEV-26870 - Indexed CHAR columns are broken with NOPAD collations MDEV-25440 - insert-intention lock conflicts with waiting ORDINARY lock MDEV-27025 - Crash recovery improvements MDEV-26784, MDEV-27022, MDEV-27183, MDEV-27610...
OESA-2021-1250 mariadb security update
MariaDB turns data into structured information in a wide array of applications, ranging from banking to websites. It is an enhanced, drop-in replacement for MySQL. MariaDB is used because it is fast, scalable and robust, with a rich ecosystem of storage engines, plugins and many other tools make ...
CVE-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
ALPINE-CVE-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
DEBIAN-CVE-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
Command injection
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
CVE-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
CVE-2020-15180
The CVE-2020-15180 issue is in MariaDB’s mysql-wsrep component, where lack of input sanitization in wsrep_sst_method enables command injection on Galera cluster nodes. Affected are MariaDB releases prior to 10.1.47, 10.2.34, 10.3.25, 10.4.15, and 10.5.6. The risk includes potential unauthorized c...
CVE-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
CVE-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
Important: Red Hat Security Advisory: mariadb:10.3 security, bug fix, and enhancement update
An update for the mariadb:10.3 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...